The Rise of Ransomware

What is Ransomware?

Ransomware is a type of malicious software or malware designed to block access to a computer system and threaten the victim until a ransom is paid. Historically, most ransomware targets individuals, but more recently, human-operated ransomware, which targets companies, has become a larger and more difficult threat to prevent and reverse.

With human-operated ransomware, a group of attackers use their collective intelligence to gain access to an organisation’s enterprise network. Some attacks like this are so sophisticated that the attackers use internal financial documents to set the ransom price.

What is WannaCry?

WannaCry is a ransomware virus that spread rapidly across several computer networks in 2017. After intercepting a Windows computer, it encrypted files on the PC’s hard drive, making them impossible for users to access – then demanded a ransom payment in Bitcoin to release them. WannaCry was well published and top news in 2017, particularly because it struck many important and high-profile systems, including Britain’s National Health Service (NHS) by exploiting a Windows vulnerability.

What is NotPetya?

NotPetya is a high-profile case of ransomware attacks, one the most fascinating malware incidents of recent history and came shortly after the infamous WannaCry. Part of the reason why it is so highly recognised is due to the way it spread rapidly between devices and networks – as well as its widespread impact.

Petya was a fairly basic strain of ransomware that encrypted Windows machines, with hackers demanding payment once again in Bitcoin, for the return of data they had seized. It was unremarkable, beyond being the first strain to encrypt a victim’s master file documents, as opposed to just the files on the drive. Then to top it off Petya evolved, with a more powerful strain emerging the following year.

Protection against ransomware – 6 ways to prevent an attack

1. Never click on unsafe links: If you are unsure of a link that does not look secure, then avoid clicking on it, in spam messages or on unknown websites.
2. Do not disclose personal information: If you receive a call, text message, or email from an untrusted source requesting personal information, do not reply. Cybercriminals might try to collect personal information in advance, which is then used to adapt phishing messages specifically to you.
3. Be wary of suspicious email attachments: To ensure an email is trustworthy, pay close attention to the sender and check that the address is correct. Never open attachments that you are not 100% certain are genuine.
4. Check for updates and keep your software up to date: Regularly updating software and operating systems including Anti-Virus applications helps to protect you from malware.
5. Verify download sources are genuine: To reduce the risk of downloading ransomware, never agree to download software or media files from unknown sites, and check the sites and downloads are genuine before proceeding.
6. Use VPN services on public Wi-Fi networks: When using a public Wi-Fi network, your computer is more vulnerable to attacks. To stay protected, avoid using public Wi-Fi and use a secure VPN service.